Package com.broadleafcommerce.auth.authorization.security.spring

Class PublicRefreshPublicClientAuthenticationConverter

java.lang.Object

com.broadleafcommerce.auth.authorization.security.spring.PublicRefreshPublicClientAuthenticationConverter

All Implemented Interfaces:

org.springframework.security.web.authentication.AuthenticationConverter

public final class PublicRefreshPublicClientAuthenticationConverter
extends Object
implements org.springframework.security.web.authentication.AuthenticationConverter

Attempts to extract the parameters from HttpServletRequest used for authenticating public clients using Proof Key for Code Exchange (PKCE) or refresh token. This is a customized version of the original Spring class (PublicClientAuthenticationConverter). The difference here is that we allow public clients to also convert with a valid refresh token and redirect uri for refresh_token grant flows.

See Also:

• PublicClientAuthenticationConverter.java
• Proof Key for Code Exchange by OAuth Public Clients

Constructor Summary

Constructors

Constructor	Description
PublicRefreshPublicClientAuthenticationConverter()

Method Summary

Modifier and Type	Method	Description
org.springframework.security.core.Authentication	convert(jakarta.servlet.http.HttpServletRequest request)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

PublicRefreshPublicClientAuthenticationConverter

public PublicRefreshPublicClientAuthenticationConverter()

Method Details

convert

@Nullable
public org.springframework.security.core.Authentication convert(jakarta.servlet.http.HttpServletRequest request)

Specified by:

convert in interface org.springframework.security.web.authentication.AuthenticationConverter